Wow, this topic has garnered more interest and contributions than I had anticipated. I greatly appreciate this, and I hope it might provide answers to future readers as well. I’ll go through each comment at the end, but I’ll make a centralised answer first.
I’m seeing a lot of suggestions, but some maybe a bit too much on the tech savvy side. I understand that this may be due to the general audience of L1 and forum, which I can fully understand. I have had to learn to dial back my ‘enthusiasm’, terminology and expectations as well with most of the people of the target group this topic is concerned with. Maybe it will help if I outline some user conditions, that may set some boundaries to this. I’m not excluding possibilities or bashing on ideas, but given my personal experiences in changing workflow or interaction-flow, as well as preferences and capabilities of this age group, in this scenario and use-case (and generally, often for most elderly PC tech situations), I’d like to stick to the following boundaries:
- Continued use of current operating system (often Windows 10): please understand that most barely grasp the concept of folders, directories, hard drive vs ‘cloud’, webbrowser vs google, etc., AFTER (visual) explanation in simple terms.
- User environment of Windows 10 remains similar in workflow, (GUI), icons / style, paths and directories etc.: change is immensely confusing, even a change in icons or layout / navigation can be devastating (thanks Apple…).
- Preferred reactive, or at least freezing, programs or processes: Don’t expect much from the user, they won’t run Malwarebytes (or alike in purpose) or quarantine files or programs on their own. Virusscanners and other protection / barrier systems should run in the background and warn (e.g. auto-scans and auto-quarentine of email attachments, etc., are part of certain programs).
- Making use of off-the-shelf and common/universal software, programs or setting changes. I’m absolutely not risking anything by installing custom hobbyist tools, unless they are considered safe or are widely used by the industry (e.g., WinDirStat, Sysinternals process explorer, etc.).
- Permanent background ‘on-off’ settings etc. are useful. E.g.: tightening or increasing spam filter sensitivity in Outlook (or alike), setting up a low permission level user account in Windows with admin control (with password), turning off auto-attachment or in-line image downloads in email programs, increasing Windows permission prompt sensitivity (the ones you get when downloading or installing), etc.
- Requesting simple additional processes or -steps are possible. For example, asking them to first check email sender domain addresses on trustworthiness (I give them a list of common bad indicators) before opening them or any attachments, or giving them the outlines and indicators of most socially engineered scam concepts, is often not a problem.
- A hands-off solution: I do not want to be required to monitor remote conditions or be required to do weekly checkups, and neither do clients. This is not my job, I mostly do this in my free time to help out others. Some clients have had bad experiences or have been ripped off (€400,- for a simple Android phone media and profile transfer…), so I give them the option of tech help this way. Furthermore, these are not retirement home type of elderly, most just lack the technical experience and expertise in life due to generational differences.
Please also understand that these might be worst case scenarios, some have no problems with certain aspects. I am just covering the worst case yet outer limit of cases that I am willing to take on / put energy into.
The example of @NorthernWing is similar to 90% of my experiences as well. With most I sit down, go through each process step and write it down in their own ‘language’ so that they understand what they wrote down, but with some this still leads to them flat-out skipping steps and being confused why it doesn’t work. And yes, the ‘Office save location’ is one of them. So we’re talking about ineptness as a result of age (not being discriminate, I’m talking biological and synapse degradation), but mostly also because they cannot, and have never had to, grasp the concepts of these type of (digital) systems and their logical (inner) workings. The analogy I often use for HDD, directories/paths and folders in Windows Explorer and its files, and the PC as a whole, is an old archive cabinet. The office is the PC, many things reside there (plants, people, telephones, tv maybe, archive, etc.), the file cabinet is the HDD, folders are, well, folders, but the directories/paths are in which drawer they are stored, and files of course the tangible things in the folders. But more expanded and more limitless. Then they often understand, as it is closer to potential real-life experience they have. The difference between remote storage, or ‘cloud’, and local storage requires a whole different story. But I’m getting off topic.
@jode That’s the kind of user permission thingy I meant. Also, I understand your comment of widening the view, I am just including it for the reason that I need a fool-proof concept or system for an adult of which you might otherwise expect full mental capacity in daily tasks and thought processes (e.g., asking to look up specific but simple things under relaxed conditions with no pressure, e.g. a photo album of year 2020 etc. on the client’s phone, leads to a complete mental jam or brainfart and just results in them furiously tapping left and right on their phone (opening apps, general settings, specific pictures inside that album, etc.).
@FurryJackman That Deep Freeze concept sounds interesting. I am, however, a bit confused on the right-holding party. Is it a service of just one company, or a concept? For example, when searching I come across Faronics, but they seem to be more B2B oriented and not for private use.
But from a conceptual point of view, can I compare the concept to a Windows re-install option where it retains all personal files and settings etc., but wipes all programs? Because something that also wipes Office, printer drivers, card games etc. is not an option.
@regulareel That looks both as interesting as it sounds dicey. Helpful as a first step though, but not applicable to the related PC environment.
@TowedJumper3504 I understand. But given the target group, I think for most Linux is out of the question. Most are finally just getting around in getting used to the W10 environment and (G)UI after all these years. Also, if they look up anything how-to-ish on the internet (there are lots of elderly-focused help-sites) or ask a family member to do something, that will likely result in a massive inadequacy in knowledge and know-how. Also, drivers…
@NorthernWing RAM disk bootloader as in, installing Windows on RAM? I think I’ve seen a video somewhere some years ago about that. Also, sounds interesting, but not really applicable for this use case.
@MilzyBee Thank you. I see your train of thought and realisation in your comment that a lot quickly falls off as viable options.
@NorthernWing The group policy thing might be an interesting addition to the non-admin rights with their user account. However, wasn’t that remove in W10 Home? If not, what would be some of the settings I could look into with GP?
“Yeah user data is going to be the issue with pretty much any solution.”
That is my conclusion as well. Hence my choice in not making a final backup to their backup external HDD. A program or system that completely wipes after each restart sounds great from a security perspective, for a public library or something, but not for a personal computer where, sometimes, ALL personal files (pictures, videos of grandchildren) are on that PC.
I understand that I cannot ask for the perfect system, it may also be that I arrive to the conclusion that it might be best to supervise (by spouse), limit (important tasks done by spouse), or even strongly advice to stop general use of the PC environment (tablet and phone can be more lenient) for this particular case.
For general cases, I will likely still adhere to the user-profile without admin rights etc. and restricting / creating as many checkpoint hurdles in the OS and commonly used programs as possible.
On a sidenote, most clients ask me about their virusscanner they have been talked into when buying their system (often laptop) at the store. I generally tell them that, if it makes them feel safer and they can spare the money, they should keep it (Norton, McAfee, etc.). I often tell them that Windows Defender should suffice for their use scenario (general A-grade website browsing, emails, some Youtube perhaps) and that the first barrier is themselves, followed by some advice based on third-party expertise and knowhow (Jim Browning, The PC Security Channel and others alike on YT) and trusted sources to educate themselves (including free webinars by the banks they have accounts with).
Is my statement on Windows Defender being sufficient correct? I used to, on request, install stuff like Kaspersky. Or where applicable, ISP-provided F-secure (or alike) desktop clients or browser extensions, but don’t anymore based on expert suggestions that Windows Defender should be enough.
I’ve had plenty of clients with scam situations, where I had to fix everything afterwards (including re-installs), that blame the computer and that they should “buy antivirus program” as panic reaction. And I refer them to my argument again about educating themselves and becoming more resistant to social engineering, before they act on their suggestion by throwing out the computer because it is not safe…